2024-10-02_e08a178ec1f5812977ffcd0fb7b13c23_cobalt-strike_hijackloader_ryuk

Sharing

Copy URL

Twitter E-mail

General

Target

2024-10-02_e08a178ec1f5812977ffcd0fb7b13c23_cobalt-strike_hijackloader_ryuk
Size

1.5MB
MD5

e08a178ec1f5812977ffcd0fb7b13c23
SHA1

7b4f23bddd8a604ba0a679ee6e772b98f6378b4f
SHA256

8288e3129c1936dcae06e43b78f18a6b0b129c3133172486b6331d135941df15
SHA512

700645351c7e1d8350e394cbaee9e5f00eea1b166f62f307c59815a0ed7ef8d5307cf5351669347db2e87678cd37654f5b4dc4fe315e1760cdb2225327b2979a
SSDEEP

24576:sWORCOsih3Fv9/j0dmwx7XgKmqA1WcC/DQn8P6mz:sWORjsizxAoo7QrvgXEW6M

Score

1^/10

Malware Config

Signatures

Files

2024-10-02_e08a178ec1f5812977ffcd0fb7b13c23_cobalt-strike_hijackloader_ryuk
.exe windows:5 windows x64 arch:x64

6b12c3d549bb61f8c082b883c4c60541

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:5a:bc:9f:66:cf:6b:9b:7a:27:a8:83:c1:1b:b8:6d:e1:8d:38:b2:cf:7f:af:79:65:54:f6:14:ee:93:9d:de
Signer

Actual PE Digest

09:5a:bc:9f:66:cf:6b:9b:7a:27:a8:83:c1:1b:b8:6d:e1:8d:38:b2:cf:7f:af:79:65:54:f6:14:ee:93:9d:de

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\electron-3100d\electron\src\out\release_x64\electron.exe.pdb

Imports

dbghelp

SymCleanup
SymFromAddr
SymGetLineFromAddr64
SymGetSearchPathW
SymInitialize
SymSetOptions
SymSetSearchPathW

kernel32

AcquireSRWLockExclusive
AllocConsole
AttachConsole
CloseHandle
CompareStringW
CreateEventW
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateJobObjectW
CreateMutexW
CreateRemoteThread
CreateThread
DebugBreak
DecodePointer
DeleteCriticalSection
DeleteProcThreadAttributeList
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesEx
EnumSystemLocalesW
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FindClose
FindFirstFileExW
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcessorNumber
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesW
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHandleCount
GetProcessHeap
GetProcessHeaps
GetProductInfo
GetQueuedCompletionStatus
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadId
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultLocaleName
GetVersionExW
GetWindowsDirectoryW
HeapDestroy
HeapSetInformation
InitOnceExecuteOnce
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeProcThreadAttributeList
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LocalFree
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
PostQueuedCompletionStatus
QueryDosDeviceW
QueryInformationJobObject
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
RegisterWaitForSingleObject
ReleaseSRWLockExclusive
ResetEvent
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetHandleInformation
SetInformationJobObject
SetLastError
SetStdHandle
SetThreadAffinityMask
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SwitchToThread
TerminateJobObject
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnmapViewOfFile
UnregisterWaitEx
UpdateProcThreadAttribute
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
WriteProcessMemory
lstrlenA

winmm

timeGetTime

ntdll

RtlInitUnicodeString

Exports

Exports

Cr_z_zError
Cr_z_zlibCompileFlags
Cr_z_zlibVersion
GetHandleVerifier
IsSandboxedProcess
napi_acquire_threadsafe_function
napi_add_async_cleanup_hook
napi_add_env_cleanup_hook
napi_add_finalizer
napi_adjust_external_memory
napi_async_destroy
napi_async_init
napi_call_function
napi_call_threadsafe_function
napi_cancel_async_work
napi_check_object_type_tag
napi_close_callback_scope
napi_close_escapable_handle_scope
napi_close_handle_scope
napi_coerce_to_bool
napi_coerce_to_number
napi_coerce_to_object
napi_coerce_to_string
napi_create_array
napi_create_array_with_length
napi_create_arraybuffer
napi_create_async_work
napi_create_bigint_int64
napi_create_bigint_uint64
napi_create_bigint_words
napi_create_buffer
napi_create_buffer_copy
napi_create_dataview
napi_create_date
napi_create_double
napi_create_error
napi_create_external
napi_create_external_arraybuffer
napi_create_external_buffer
napi_create_function
napi_create_int32
napi_create_int64
napi_create_object
napi_create_promise
napi_create_range_error
napi_create_reference
napi_create_string_latin1
napi_create_string_utf16
napi_create_string_utf8
napi_create_symbol
napi_create_threadsafe_function
napi_create_type_error
napi_create_typedarray
napi_create_uint32
napi_define_class
napi_define_properties
napi_delete_async_work
napi_delete_element
napi_delete_property
napi_delete_reference
napi_detach_arraybuffer
napi_escape_handle
napi_fatal_error
napi_fatal_exception
napi_get_all_property_names
napi_get_and_clear_last_exception
napi_get_array_length
napi_get_arraybuffer_info
napi_get_boolean
napi_get_buffer_info
napi_get_cb_info
napi_get_dataview_info
napi_get_date_value
napi_get_element
napi_get_global
napi_get_instance_data
napi_get_last_error_info
napi_get_named_property
napi_get_new_target
napi_get_node_version
napi_get_null
napi_get_property
napi_get_property_names
napi_get_prototype
napi_get_reference_value
napi_get_threadsafe_function_context
napi_get_typedarray_info
napi_get_undefined
napi_get_uv_event_loop
napi_get_value_bigint_int64
napi_get_value_bigint_uint64
napi_get_value_bigint_words
napi_get_value_bool
napi_get_value_double
napi_get_value_external
napi_get_value_int32
napi_get_value_int64
napi_get_value_string_latin1
napi_get_value_string_utf16
napi_get_value_string_utf8
napi_get_value_uint32
napi_get_version
napi_has_element
napi_has_named_property
napi_has_own_property
napi_has_property
napi_instanceof
napi_is_array
napi_is_arraybuffer
napi_is_buffer
napi_is_dataview
napi_is_date
napi_is_detached_arraybuffer
napi_is_error
napi_is_exception_pending
napi_is_promise
napi_is_typedarray
napi_make_callback
napi_module_register
napi_new_instance
napi_object_freeze
napi_object_seal
napi_open_callback_scope
napi_open_escapable_handle_scope
napi_open_handle_scope
napi_queue_async_work
napi_ref_threadsafe_function
napi_reference_ref
napi_reference_unref
napi_reject_deferred
napi_release_threadsafe_function
napi_remove_async_cleanup_hook
napi_remove_env_cleanup_hook
napi_remove_wrap
napi_resolve_deferred
napi_run_script
napi_set_element
napi_set_instance_data
napi_set_named_property
napi_set_property
napi_strict_equals
napi_throw
napi_throw_error
napi_throw_range_error
napi_throw_type_error
napi_type_tag_object
napi_typeof
napi_unref_threadsafe_function
napi_unwrap
napi_wrap
node_api_create_external_string_latin1
node_api_create_external_string_utf16
node_api_create_property_key_utf16
node_api_create_syntax_error
node_api_get_module_file_name
node_api_post_finalizer
node_api_symbol_for
node_api_throw_syntax_error
qq_magic_napi_register
uv_accept
uv_async_init
uv_async_send
uv_available_parallelism
uv_backend_fd
uv_backend_timeout
uv_buf_init
uv_cancel
uv_chdir
uv_check_init
uv_check_start
uv_check_stop
uv_clock_gettime
uv_close
uv_cond_broadcast
uv_cond_destroy
uv_cond_init
uv_cond_signal
uv_cond_timedwait
uv_cond_wait
uv_cpu_info
uv_cpumask_size
uv_cwd
uv_default_loop
uv_disable_stdio_inheritance
uv_dlclose
uv_dlerror
uv_dlopen
uv_dlsym
uv_err_name
uv_err_name_r
uv_exepath
uv_fileno
uv_free_cpu_info
uv_free_interface_addresses
uv_freeaddrinfo
uv_fs_access
uv_fs_chmod
uv_fs_chown
uv_fs_close
uv_fs_closedir
uv_fs_copyfile
uv_fs_event_getpath
uv_fs_event_init
uv_fs_event_start
uv_fs_event_stop
uv_fs_fchmod
uv_fs_fchown
uv_fs_fdatasync
uv_fs_fstat
uv_fs_fsync
uv_fs_ftruncate
uv_fs_futime
uv_fs_get_path
uv_fs_get_ptr
uv_fs_get_result
uv_fs_get_statbuf
uv_fs_get_system_error
uv_fs_get_type
uv_fs_lchown
uv_fs_link
uv_fs_lstat
uv_fs_lutime
uv_fs_mkdir
uv_fs_mkdtemp
uv_fs_mkstemp
uv_fs_open
uv_fs_opendir
uv_fs_poll_getpath
uv_fs_poll_init
uv_fs_poll_start
uv_fs_poll_stop
uv_fs_read
uv_fs_readdir
uv_fs_readlink
uv_fs_realpath
uv_fs_rename
uv_fs_req_cleanup
uv_fs_rmdir
uv_fs_scandir
uv_fs_scandir_next
uv_fs_sendfile
uv_fs_stat
uv_fs_statfs
uv_fs_symlink
uv_fs_unlink
uv_fs_utime
uv_fs_write
uv_get_available_memory
uv_get_constrained_memory
uv_get_free_memory
uv_get_osfhandle
uv_get_process_title
uv_get_total_memory
uv_getaddrinfo
uv_getnameinfo
uv_getrusage
uv_gettimeofday
uv_guess_handle
uv_handle_get_data
uv_handle_get_loop
uv_handle_get_type
uv_handle_set_data
uv_handle_size
uv_handle_type_name
uv_has_ref
uv_hrtime
uv_idle_init
uv_idle_start
uv_idle_stop
uv_if_indextoiid
uv_if_indextoname
uv_inet_ntop
uv_inet_pton
uv_interface_addresses
uv_ip4_addr
uv_ip4_name
uv_ip6_addr
uv_ip6_name
uv_ip_name
uv_is_active
uv_is_closing
uv_is_readable
uv_is_writable
uv_key_create
uv_key_delete
uv_key_get
uv_key_set
uv_kill
uv_library_shutdown
uv_listen
uv_loadavg
uv_loop_alive
uv_loop_close
uv_loop_configure
uv_loop_delete
uv_loop_fork
uv_loop_get_data
uv_loop_init
uv_loop_new
uv_loop_set_data
uv_loop_size
uv_metrics_idle_time
uv_metrics_info
uv_mutex_destroy
uv_mutex_init
uv_mutex_init_recursive
uv_mutex_lock
uv_mutex_trylock
uv_mutex_unlock
uv_now
uv_once
uv_open_osfhandle
uv_os_environ
uv_os_free_environ
uv_os_free_group
uv_os_free_passwd
uv_os_get_group
uv_os_get_passwd
uv_os_get_passwd2
uv_os_getenv
uv_os_gethostname
uv_os_getpid
uv_os_getppid
uv_os_getpriority
uv_os_homedir
uv_os_setenv
uv_os_setpriority
uv_os_tmpdir
uv_os_uname
uv_os_unsetenv
uv_pipe
uv_pipe_bind
uv_pipe_bind2
uv_pipe_chmod
uv_pipe_connect
uv_pipe_connect2
uv_pipe_getpeername
uv_pipe_getsockname
uv_pipe_init
uv_pipe_open
uv_pipe_pending_count
uv_pipe_pending_instances
uv_pipe_pending_type
uv_poll_init
uv_poll_init_socket
uv_poll_start
uv_poll_stop
uv_prepare_init
uv_prepare_start
uv_prepare_stop
uv_print_active_handles
uv_print_all_handles
uv_process_get_pid
uv_process_kill
uv_queue_work
uv_random
uv_read_start
uv_read_stop
uv_recv_buffer_size
uv_ref
uv_replace_allocator
uv_req_get_data
uv_req_get_type
uv_req_set_data
uv_req_size
uv_req_type_name
uv_resident_set_memory
uv_run
uv_rwlock_destroy
uv_rwlock_init
uv_rwlock_rdlock
uv_rwlock_rdunlock
uv_rwlock_tryrdlock
uv_rwlock_trywrlock
uv_rwlock_wrlock
uv_rwlock_wrunlock
uv_sem_destroy
uv_sem_init
uv_sem_post
uv_sem_trywait
uv_sem_wait
uv_send_buffer_size
uv_set_process_title
uv_setup_args
uv_shutdown
uv_signal_init
uv_signal_start
uv_signal_start_oneshot
uv_signal_stop
uv_sleep
uv_socketpair
uv_spawn
uv_stop
uv_stream_get_write_queue_size
uv_stream_set_blocking
uv_strerror
uv_strerror_r
uv_tcp_bind
uv_tcp_close_reset
uv_tcp_connect
uv_tcp_getpeername
uv_tcp_getsockname
uv_tcp_init
uv_tcp_init_ex
uv_tcp_keepalive
uv_tcp_nodelay
uv_tcp_open
uv_tcp_simultaneous_accepts
uv_thread_create
uv_thread_create_ex
uv_thread_equal
uv_thread_getaffinity
uv_thread_getcpu
uv_thread_join
uv_thread_self
uv_thread_setaffinity
uv_timer_again
uv_timer_get_due_in
uv_timer_get_repeat
uv_timer_init
uv_timer_set_repeat
uv_timer_start
uv_timer_stop
uv_translate_sys_error
uv_try_write
uv_try_write2
uv_tty_get_vterm_state
uv_tty_get_winsize
uv_tty_init
uv_tty_reset_mode
uv_tty_set_mode
uv_tty_set_vterm_state
uv_udp_bind
uv_udp_connect
uv_udp_get_send_queue_count
uv_udp_get_send_queue_size
uv_udp_getpeername
uv_udp_getsockname
uv_udp_init
uv_udp_init_ex
uv_udp_open
uv_udp_recv_start
uv_udp_recv_stop
uv_udp_send
uv_udp_set_broadcast
uv_udp_set_membership
uv_udp_set_multicast_interface
uv_udp_set_multicast_loop
uv_udp_set_multicast_ttl
uv_udp_set_source_membership
uv_udp_set_ttl
uv_udp_try_send
uv_udp_using_recvmmsg
uv_unref
uv_update_time
uv_uptime
uv_version
uv_version_string
uv_walk
uv_write
uv_write2

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 211KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 140B

.tls
Size: 512B - Virtual size: 389B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 66B

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b12c3d549bb61f8c082b883c4c60541

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fcCertificate

Extended Key Usages

Key Usages

09:5a:bc:9f:66:cf:6b:9b:7a:27:a8:83:c1:1b:b8:6d:e1:8d:38:b2:cf:7f:af:79:65:54:f6:14:ee:93:9d:deSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

dbghelp

kernel32

winmm

ntdll

Exports

Exports

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 211KB - Virtual size: 210KB

.data Size: 59KB - Virtual size: 99KB

.pdata Size: 38KB - Virtual size: 38KB

.gxfg Size: 11KB - Virtual size: 11KB

.retplne Size: 512B - Virtual size: 140B

.tls Size: 512B - Virtual size: 389B

.voltbl Size: 512B - Virtual size: 66B

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 110KB - Virtual size: 110KB

.reloc Size: 5KB - Virtual size: 5KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

09:5a:bc:9f:66:cf:6b:9b:7a:27:a8:83:c1:1b:b8:6d:e1:8d:38:b2:cf:7f:af:79:65:54:f6:14:ee:93:9d:de
Signer

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 211KB - Virtual size: 210KB

.data
Size: 59KB - Virtual size: 99KB

.pdata
Size: 38KB - Virtual size: 38KB

.gxfg
Size: 11KB - Virtual size: 11KB

.retplne
Size: 512B - Virtual size: 140B

.tls
Size: 512B - Virtual size: 389B

.voltbl
Size: 512B - Virtual size: 66B

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 110KB - Virtual size: 110KB

.reloc
Size: 5KB - Virtual size: 5KB